On nominal automata and their languages to 
verify interactive computation 


Tomoyuki Suzuki 


Institute of Computer Science, 
Academy of Sciences of the Czech Republic, 
Czech Republic 


23 October, 2014 


(joint work with Alexander Kurz and Emilio Tuosto) 


Automata and formal languages for computational behaviours 


Review: (classical) finite automata 


Alphabet Σ: a finite set of letters, e.g. Σ = {a, b, c}
Automaton A: a tuple (Q, q0, δ, F)




> Q: a finite set of states 




> q0: the initial state




> F: a subset of Q (accepting states or final states)


Word w: a finite sequence of letters in Σ, e.g. w = abbca
Language L: a collection of words
For example, the following automaton A


Is the word a b c b c b c a accepted or rejected?


The monitor detects the malicious behaviours.


Research question


Is classical automata theory enough to monitor interactive 
computations? 

Let's discuss this question by comparing it with R. Milner's
argument


Environment-aware designs provide schematic pattern matching.


It stops at the first 'c' in 'ababcbc', although 'aba' and 'bcbc' are
safe computations.


One may revise the automaton to a restarting form somewhere:


So, by refreshing some parts, 'ababcbc' is safe. But...
Problem: how does the monitor notice the right deallocation?
Possible solutions: 


> include deallocations in actions => information-flows are 
structured, e.g. trees 

> let the monitor "guess" => non-determinism and when the 
monitor detects ill-behaviours


Key idea: automata with resources
=> nominal computation theory


Basic nominal automata A* 
(Q, ℓ, q0, F, tr)


1. Q: (finite) named set (endowed with a function ‖_‖: Q → ℕ)
and we let reg(q) := {1, ..., ‖q‖}
2. ℓ: input function

ℓ(q) := Σ ∪ reg(q) ∪ {⋆, ⟲}

3. q0: initial state with no memory cell (reg(q0) = ∅)
4. F: final states with no memory cell (reg(q) = ∅ for q ∈ F)
5. tr: transition relations satisfying, for q, q' ∈ Q and
α ∈ ℓ(q) ∪ {ε},

q' ∈ tr(q, α) => ‖q'‖ = ‖q‖ + 1   if α = ⋆
                 ‖q'‖ = ‖q‖ − 1   if α = ⟲
                 ‖q'‖ = ‖q‖       otherwise


Picture of A?


A run of a nominal automaton is a sequence of configurations:
Configuration (q, w, list):

> q: a state
> w: a word (sequence of letters etc.)
> list: a list of registered resources


A simple example (cont.)


Let 𝒩 be an infinite set of letters: a, b, c, d, e, ... ∈ 𝒩.


Many words exhibit the same pattern: for example,

ab ab ab ab ab cd ef gh ba ca ab ac




But the following words do NOT: aa abaade abc 
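
An added example, not from the talk: a small simulator for a constructed nominal automaton that accepts the two-distinct-letters pattern above and reports a run as configurations (q, w, list). The state names, the labels ALLOC and FREE, and the step semantics (allocation silently registers a guessed name not already registered, deallocation drops the last register, a register index reads the name stored there) are assumptions.

```python
from itertools import count

# Constructed automaton (assumption, not from the talk) for "two distinct letters".
REGS = {"q0": 0, "q1": 1, "q2": 1, "q3": 2, "q4": 2, "q5": 1, "q6": 0}  # ||q||
TR = {  # (state, label) -> successors; a label is ALLOC, FREE, a register index or a letter
    ("q0", "ALLOC"): ["q1"], ("q1", 1): ["q2"],
    ("q2", "ALLOC"): ["q3"], ("q3", 2): ["q4"],
    ("q4", "FREE"): ["q5"], ("q5", "FREE"): ["q6"],
}
INITIAL, FINAL = "q0", {"q6"}

def check_registers():
    """Side condition on tr: ||q'|| is ||q||+1 on ALLOC, ||q||-1 on FREE, ||q|| otherwise."""
    delta = {"ALLOC": 1, "FREE": -1}
    return all(REGS[q2] == REGS[q] + delta.get(a, 0)
               for (q, a), succs in TR.items() for q2 in succs)

def fresh_candidates(w, regs):
    """Names worth guessing on ALLOC: unregistered names left in w, plus one unseen name."""
    unseen = next(f"#{i}" for i in count() if f"#{i}" not in w + regs)
    return sorted(set(w) - set(regs)) + [unseen]

def accepting_run(word):
    """Return an accepting run as a list of configurations (q, w, list), or None."""
    seen = set()
    def search(q, w, regs):
        conf = (q, w, regs)
        if conf in seen:
            return None
        seen.add(conf)
        if q in FINAL and not w:
            return [conf]
        for (p, a), succs in TR.items():
            if p != q:
                continue
            if a == "ALLOC":    # silent step: register a guessed fresh name
                steps = [(w, regs + (n,)) for n in fresh_candidates(w, regs)]
            elif a == "FREE":   # silent step: drop the most recent register
                steps = [(w, regs[:-1])]
            elif w and w[0] == (regs[a - 1] if isinstance(a, int) else a):
                steps = [(w[1:], regs)]  # consume the letter named by the label
            else:
                steps = []
            for w2, regs2 in steps:
                for q2 in succs:
                    tail = search(q2, w2, regs2)
                    if tail:
                        return [conf] + tail
        return None
    return search(INITIAL, tuple(word), ())
```

Because the allocated name must differ from every registered name, the second register can never hold the letter already read, which is what rejects 'aa'.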




Languages over infinite alphabets 


ÜU (m mke N* | WO < ï < k.nəi-i nai) 


ken {0} 


Languages on nominal automata 


What are “the” words (and languages)? 


There are a couple of different notions of words: 




> sequences of letters and names 




> words with explicit binders (resource allocation and 
deallocation) 




> orbits 




> schematic words 




Different notions of words enjoy different mathematical properties:
> determinism
> (regular) expressions
> relationships between languages
> closure properties
> etc.


Our research directions, results and open questions


Nominal automata with flexible deallocations and chronicles
> DA! and CAH 


Description of languages over infinite alphabets on 
different nominal automata 


CDA! 


Lista


Automata-Language game


Idea: Proponent P provides an automaton A and Opponent O gives a
counterexample


1. P chooses an automaton A in C
2. O chooses a word w in L
3. P exhibits a path to accept w or revises A to A' ∈ C
4. O adds a suffix v so that wv ∈ L
5. repeat from Step 3


If O has a winning strategy, L cannot be accepted by any
automaton A in the class of automata C.


Theorem 


> Lan is not accepted by DAF 
> Lwo is not accepted by CA? 


Open problems and further research directions


Technical open problems
> Presentations and expressions of words and languages
> General separation method (partially solved: language-language
game)
> Communicating models and frameworks
> Nominal grammar and effective algorithm




Further research directions
> Enrichments on resource structures: e.g. not just = and ≠
but also with security levels or time-stamps
> Safety properties over mobile interactions: how to inductively 
guarantee safety properties over mobile interactions 
> Schematic pattern matching on large data: schematic pattern 
matching to calculate similarities 


